holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix a few 3.9.1 bugs

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5866 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-09 03:51:25 +00:00
parent d7b7e3f9cf
commit 57d1a5612f
2 changed files with 11 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Shorewall-common/lib.config
View File

@ -2085,12 +2085,10 @@ do_initialize() {
;;
esac
if [ $PROGRAM != compiler ]; then
strip_file zones
strip_file routestopped
strip_file interfaces
strip_file hosts
fi
strip_file zones
strip_file routestopped
strip_file interfaces
strip_file hosts
if [ $PROGRAM = compiler ]; then
strip_file_and_lib_load accounting accounting

14
Shorewall-perl/Shorewall/Rules.pm
View File

@ -436,18 +436,18 @@ sub process_routestopped() {
my $source = match_source_net $h;
my $dest = match_dest_net $h;
emit "\$IPTABLES INPUT -i $interface $source ACCEPT";
emit "\$IPTABLES OUTPUT -o $interface $dest ACCEPT" if $config{ADMINISABSENTMINDED};
emit "\$IPTABLES -A INPUT -i $interface $source -j ACCEPT";
emit "\$IPTABLES -A OUTPUT -o $interface $dest -j ACCEPT" if $config{ADMINISABSENTMINDED};
my $matched = 0;
if ( $source{$host} ) {
emit "\$IPTABLES FORWARD -i $interface $source ACCEPT";
emit "\$IPTABLES -A FORWARD -i $interface $source -j ACCEPT";
$matched = 1;
}
if ( $dest{$host} ) {
emit "\$IPTABLES FORWARD -o $interface $dest ACCEPT";
emit "\$IPTABLES -A FORWARD -o $interface $dest -j ACCEPT";
$matched = 1;
}
@ -752,11 +752,11 @@ sub setup_mac_lists( $ ) {
add_command $chainref, " ip -f inet addr show $interface 2> /dev/null | grep 'inet.*brd' | sed 's/inet //; s/brd //; s/scope.*//;' | while read address broadcast; do";
add_command $chainref, ' address=${address%/*}';
add_command $chainref, ' if [ -n "$broadcast" ]; then';
add_command $chainref, ' echo "-A $chain -s $address -d $broadcast -j RETURN" >&3';
add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d \$broadcast -j RETURN\" >&3";
add_command $chainref, ' fi';
add_command $chainref, '';
add_command $chainref, ' echo "-A $chain -s $address -d 255.255.255.255 -j RETURN" >&3';
add_command $chainref, ' echo "-A $chain -s $address -d 224.0.0.0/4 -j RETURN" >&3';
add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d 255.255.255.255 -j RETURN\" >&3";
add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d 224.0.0.0/4 -j RETURN\" >&3";
add_command $chainref, ' done';
add_command $chainref, 'else';
add_command $chainref, " fatal_error \"Interface $interface must be up before Shorewall can start\"";